author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-12-06 17:14:22 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-12-06 17:14:22 +0000 |
commit | b0d4b6150fac1f17c61058a19e86ccedc2ff87c2 (patch) | |
tree | 4ec51caa2caf3ac4b876240d7e45c80863a483fe | |
parent | 84db053194b3e76290e75e6c4a268b2143774687 (diff) | |
download | gnutls-b0d4b6150fac1f17c61058a19e86ccedc2ff87c2.tar.gz |
Added the new functions gnutls_get_malloc_function(), gnutls_get_free_function(). Also changed the way callback functions must allocate data. They now need to use these functions, instead of just calling malloc().
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | doc/TODO | 1 | ||||
-rw-r--r-- | doc/tex/Makefile.am | 2 | ||||
-rw-r--r-- | doc/tex/callbacks.tex | 24 | ||||
-rw-r--r-- | doc/tex/library.tex | 2 | ||||
-rw-r--r-- | lib/gnutls.h.in.in | 14 | ||||
-rw-r--r-- | lib/gnutls_datum.c | 6 | ||||
-rw-r--r-- | lib/gnutls_datum.h | 6 | ||||
-rw-r--r-- | lib/gnutls_db.c | 10 | ||||
-rw-r--r-- | lib/gnutls_global.c | 34 | ||||
-rw-r--r-- | lib/gnutls_mem.c | 8 | ||||
-rw-r--r-- | lib/gnutls_mem.h | 14 | ||||
-rw-r--r-- | lib/gnutls_state.c | 1 | ||||
-rw-r--r-- | lib/gnutls_str.c | 6 | ||||
-rw-r--r-- | lib/gnutls_str.h | 8 | ||||
-rw-r--r-- | libextra/auth_srp_passwd.c | 16 | ||||
-rw-r--r-- | libextra/auth_srp_passwd.h | 4 | ||||
-rw-r--r-- | libextra/gnutls_srp.c | 2 | ||||
-rw-r--r-- | src/cli.c | 12 | ||||
-rw-r--r-- | src/serv.c | 58 |
20 files changed, 169 insertions, 63 deletions
@@ -14,6 +14,10 @@ Version 0.5.12 than password files. - Added the function gnutls_openpgp_set_recv_key_function() which can be used to set a callback, to get OpenPGP keys. +- Added the new functions: + gnutls_get_malloc_function() + gnutls_get_free_function() + to be used in callbacks. Version 0.5.11 (5/11/2002) - Some fixes in 'gnutls-cli' client program to prevent some segmentation @@ -5,6 +5,7 @@ in order to avoid having people working on the same thing. Current list: + Add ability to read PKCS-12 structures (certificate and private key) * Convert documentation to texinfo format +* Provide the callbacks with a malloc() and a free() like functions. * Add support for certificate CRLs in certificate verification * Audit the code * Add GPGSM certificate manager support diff --git a/doc/tex/Makefile.am b/doc/tex/Makefile.am index 4cf7322bee..8023be5b54 100644 --- a/doc/tex/Makefile.am +++ b/doc/tex/Makefile.am @@ -17,7 +17,7 @@ TEX_OBJECTS = gnutls.tex ../../lib/gnutls-api.tex fdl.tex \ appendix.tex x509cert.xml.tex pgpcert.xml.tex \ programs.tex library.tex certificate.tex record_weaknesses.tex \ tlsintro.tex compression.tex $(EXAMPLE_OBJECTS) \ - tls_extensions.tex srp.tex preparation.tex + tls_extensions.tex srp.tex preparation.tex callbacks.tex gnutls.html: $(TEX_OBJECTS) -latex2html gnutls.tex -no_navigation -split 0 \ diff --git a/doc/tex/callbacks.tex b/doc/tex/callbacks.tex new file mode 100644 index 0000000000..59f3fff868 --- /dev/null +++ b/doc/tex/callbacks.tex 
@@ -0,0 +1,24 @@ +\section{Callback functions} +\index{Callback functions} + +There are several cases where \gnutls{} may need some out of band input from +your program. This is now implemented using some callback functions, +which your program is expected to register. + +An example of this type of functions are the push and pull callbacks +which are used to specify the functions that will retrieve and send +data to the transport layer. +\begin{itemize} +\item \printfunc{gnutls_transport_set_push_function}{gnutls\_transport\_set\_push\_function} +\item \printfunc{gnutls_transport_set_pull_function}{gnutls\_transport\_set\_pull\_function} +\end{itemize} + +Other callback functions such as the one set by +\printfunc{gnutls_srp_set_server_credentials_function}{gnutls\_srp\_set\_server\_credentials\_function}, +may require more complicated input, including data to be allocated. +These callbacks should use the following function to get a malloc() +and a free() like functions, to allocate data. +\begin{itemize} +\item \printfunc{gnutls_global_get_malloc_function}{gnutls\_global\_get\_malloc\_function} +\item \printfunc{gnutls_global_get_free_function}{gnutls\_global\_get\_free\_function} +\end{itemize} diff --git a/doc/tex/library.tex b/doc/tex/library.tex index 62cbdc4596..5ef9b58f29 100644 --- a/doc/tex/library.tex +++ b/doc/tex/library.tex @@ -107,3 +107,5 @@ with the previous one. \input{errors} \input{memory} + +\input{callbacks} diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in index f215e9dd22..b65e00c468 100644 --- a/lib/gnutls.h.in.in +++ b/lib/gnutls.h.in.in 
@@ -312,10 +312,18 @@ int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials res, int gnutls_global_init(void); void gnutls_global_deinit(void); +typedef void* (*gnutls_alloc_function)(size_t); +typedef void (*gnutls_free_function)(void*); +typedef void* (*gnutls_realloc_function)(void*, size_t); + void gnutls_global_set_mem_functions( - void *(*gnutls_alloc_func)(size_t), void* (*gnutls_secure_alloc_func)(size_t), - int (*gnutls_is_secure_func)(const void*), void *(*gnutls_realloc_func)(void *, size_t), - void (*gnutls_free_func)(void*)); + gnutls_alloc_function, gnutls_alloc_function, + int (*gnutls_is_secure_func)(const void*), gnutls_realloc_function, + gnutls_free_function); + +/* For use in callbacks */ +gnutls_alloc_function* gnutls_global_get_malloc_function(void); +gnutls_free_function* gnutls_global_get_free_function(void); typedef void (*gnutls_log_func)( const char*); void gnutls_global_set_log_function( gnutls_log_func log_func); diff --git a/lib/gnutls_datum.c b/lib/gnutls_datum.c index 30b2cff11f..5d77cd0b01 100644 --- a/lib/gnutls_datum.c +++ b/lib/gnutls_datum.c @@ -49,7 +49,7 @@ void _gnutls_write_datum8( opaque* dest, gnutls_datum dat) { int _gnutls_set_datum_m( gnutls_datum* dat, const void* data, int data_size, - ALLOC_FUNC galloc_func) { + gnutls_alloc_function galloc_func) { dat->data = galloc_func(data_size); if (dat->data==NULL) return GNUTLS_E_MEMORY_ERROR; @@ -60,7 +60,7 @@ int _gnutls_set_datum_m( gnutls_datum* dat, const void* data, int data_size, } int _gnutls_datum_append_m( gnutls_datum* dst, const void* data, int data_size, - REALLOC_FUNC grealloc_func) { + gnutls_realloc_function grealloc_func) { dst->data = grealloc_func(dst->data, data_size+dst->size); if (dst->data==NULL) return GNUTLS_E_MEMORY_ERROR; 
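Review bot: The two getter prototypes added under `/* For use in callbacks */` return `gnutls_alloc_function*` and `gnutls_free_function*`, that is, pointers to function pointers, while the definitions this commit adds in lib/gnutls_global.c return the function pointer by value. A callback compiled against this header would have to dereference the result before calling it, and would then read code bytes as if they were a pointer. The prototypes should read `gnutls_alloc_function gnutls_global_get_malloc_function(void);` and `gnutls_free_function gnutls_global_get_free_function(void);`. The three typedefs added here also repeat the ones lib/gnutls_mem.h now declares, which may be a redefinition error before C11 if both headers reach one translation unit.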
@@ -71,7 +71,7 @@ int _gnutls_datum_append_m( gnutls_datum* dst, const void* data, int data_size, return 0; } -void _gnutls_free_datum_m( gnutls_datum* dat, FREE_FUNC gfree_func) { +void _gnutls_free_datum_m( gnutls_datum* dat, gnutls_free_function gfree_func) { if (dat->data!=NULL && dat->size!=0) gfree_func( dat->data); diff --git a/lib/gnutls_datum.h b/lib/gnutls_datum.h index b1b23d6571..f10026ffd7 100644 --- a/lib/gnutls_datum.h +++ b/lib/gnutls_datum.h @@ -4,14 +4,14 @@ void _gnutls_write_datum32( opaque* dest, gnutls_datum dat); void _gnutls_write_datum8( opaque* dest, gnutls_datum dat); int _gnutls_set_datum_m( gnutls_datum* dat, const void* data, int data_size, - ALLOC_FUNC); + gnutls_alloc_function); #define _gnutls_set_datum( x, y, z) _gnutls_set_datum_m(x,y,z, gnutls_malloc) #define _gnutls_sset_datum( x, y, z) _gnutls_set_datum_m(x,y,z, gnutls_secure_malloc) int _gnutls_datum_append_m( gnutls_datum* dat, const void* data, int data_size, - REALLOC_FUNC); + gnutls_realloc_function); #define _gnutls_datum_append(x,y,z) _gnutls_datum_append_m(x,y,z, gnutls_realloc) void _gnutls_free_datum_m( gnutls_datum* dat, - FREE_FUNC); + gnutls_free_function); #define _gnutls_free_datum(x) _gnutls_free_datum_m(x, gnutls_free) diff --git a/lib/gnutls_db.c b/lib/gnutls_db.c index 1c2ab4fdce..601f6bad2f 100644 --- a/lib/gnutls_db.c +++ b/lib/gnutls_db.c @@ -39,6 +39,9 @@ * sessions database. This function must return a gnutls_datum containing the * data on success, or a gnutls_datum containing null and 0 on failure. * + * The datum's data must be allocated using the function returned by + * gnutls_get_malloc_function(). + * * The first argument to store_function() will be null unless gnutls_db_set_ptr() * has been called. * @@ -222,10 +225,8 @@ int ret; gnutls_assert(); return ret; } - - /* Note: Data is not allocated with gnutls_malloc - */ - free(data.data); + + gnutls_free(data.data); return 0; } 
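Review bot: Replacing `free(data.data)` with `gnutls_free(data.data)` in the `@@ -222,10 +225,8 @@` hunk of lib/gnutls_db.c changes the ownership contract for every existing retrieve callback. One that still allocates with `malloc()` is now released through whatever allocator was installed with gnutls_global_set_mem_functions(), which corrupts the heap when the two differ. The same applies to the SRP callback buffers in libextra/auth_srp_passwd.c once the `malloced` flag is dropped. The comments announcing the new rule (here and in libextra/gnutls_srp.c) name `gnutls_get_malloc_function()`, but the function this commit adds is `gnutls_global_get_malloc_function()`; the comments should use the real name and also name `gnutls_global_get_free_function()` as the matching release. The function that contains the `gnutls_free` call starts outside the hunk.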
@@ -306,7 +307,6 @@ int ret = 0; if (session->internals.db_remove_func!=NULL) ret = session->internals.db_remove_func( session->internals.db_ptr, session_id); - return (ret == 0 ? ret : GNUTLS_E_DB_ERROR); } diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index db106b36af..2494f1aa0d 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c @@ -68,11 +68,11 @@ static void dlog( const char* str) { #endif } -extern ALLOC_FUNC gnutls_secure_malloc; -extern ALLOC_FUNC gnutls_malloc; -extern FREE_FUNC gnutls_free; +extern gnutls_alloc_function gnutls_secure_malloc; +extern gnutls_alloc_function gnutls_malloc; +extern gnutls_free_function gnutls_free; extern int (*_gnutls_is_secure_memory)(const void*); -extern REALLOC_FUNC gnutls_realloc; +extern gnutls_realloc_function gnutls_realloc; extern char* (*gnutls_strdup)(const char*); extern void* (*gnutls_calloc)(size_t, size_t); @@ -344,3 +344,29 @@ gnutls_check_version( const char *req_version ) return NULL; } +/** + * gnutls_global_get_malloc_function - Returns a malloc() like function + * @session: is a &gnutls_session structure. + * + * This function will return a malloc() compatible function to be + * used by callbacks. + * + **/ +gnutls_alloc_function gnutls_global_get_malloc_function() +{ + return gnutls_malloc; +} + +/** + * gnutls_global_get_free_function - Returns a free() like function + * @session: is a &gnutls_session structure. + * + * This function will return a free() compatible function to be + * used by callbacks. + * + **/ +gnutls_alloc_function gnutls_global_get_free_function() +{ + return gnutls_free; +} + diff --git a/lib/gnutls_mem.c b/lib/gnutls_mem.c index 88a0787d0e..9dea5e3451 100644 --- a/lib/gnutls_mem.c +++ b/lib/gnutls_mem.c 
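Review bot: `gnutls_global_get_free_function()` is defined with return type `gnutls_alloc_function` although it returns `gnutls_free`, which is a `gnutls_free_function`. Calling the result through the wrong function type is undefined behaviour, so the definition should be `gnutls_free_function gnutls_global_get_free_function(void)`. Both definitions use an empty `()` parameter list where the header says `(void)`, and both doc comments carry a `@session:` line for a parameter that does not exist; that line should be dropped. Since the getters return the current value of a variable, the comment could also say that a callback should fetch the pointer at each use rather than cache it, presumably because gnutls_global_set_mem_functions() can replace it later.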
@@ -23,10 +23,10 @@ #include <gnutls_errors.h> #include <gnutls_num.h> -ALLOC_FUNC gnutls_secure_malloc = malloc; -ALLOC_FUNC gnutls_malloc = malloc; -FREE_FUNC gnutls_free = free; -REALLOC_FUNC gnutls_realloc = realloc; +gnutls_alloc_function gnutls_secure_malloc = malloc; +gnutls_alloc_function gnutls_malloc = malloc; +gnutls_free_function gnutls_free = free; +gnutls_realloc_function gnutls_realloc = realloc; void* (*gnutls_calloc)(size_t, size_t) = calloc; char* (*gnutls_strdup)(const char*) = strdup; diff --git a/lib/gnutls_mem.h b/lib/gnutls_mem.h index aedf27efb0..5a95d1da59 100644 --- a/lib/gnutls_mem.h +++ b/lib/gnutls_mem.h @@ -19,16 +19,16 @@ typedef void svoid; /* for functions that allocate using gnutls_secure_malloc */ # define gnutls_afree gnutls_free #endif /* HAVE_ALLOCA */ -typedef void* (*ALLOC_FUNC)(size_t); -typedef void (*FREE_FUNC)(void*); -typedef void* (*REALLOC_FUNC)(void*, size_t); +typedef void* (*gnutls_alloc_function)(size_t); +typedef void (*gnutls_free_function)(void*); +typedef void* (*gnutls_realloc_function)(void*, size_t); -extern ALLOC_FUNC gnutls_secure_malloc; -extern ALLOC_FUNC gnutls_malloc; -extern FREE_FUNC gnutls_free; +extern gnutls_alloc_function gnutls_secure_malloc; +extern gnutls_alloc_function gnutls_malloc; +extern gnutls_free_function gnutls_free; extern int (*_gnutls_is_secure_memory)(const void*); -extern REALLOC_FUNC gnutls_realloc; +extern gnutls_realloc_function gnutls_realloc; extern void* (*gnutls_calloc)(size_t, size_t); extern char* (*gnutls_strdup)( const char*); diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 689d12f6ab..6404e1e745 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -764,3 +764,4 @@ void gnutls_session_set_ptr(gnutls_session session, void* ptr) int gnutls_record_get_direction(gnutls_session session) { return session->internals.direction; } + diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c index 2cb96c9478..00a3447932 100644 --- a/lib/gnutls_str.c 
+++ b/lib/gnutls_str.c @@ -69,9 +69,9 @@ void _gnutls_mem_cpy( char* dest, size_t dest_tot_size, const char* src, size_t } } -void _gnutls_string_init( gnutls_string* str, ALLOC_FUNC alloc_func, - REALLOC_FUNC realloc_func, - FREE_FUNC free_func) +void _gnutls_string_init( gnutls_string* str, gnutls_alloc_function alloc_func, + gnutls_realloc_function realloc_func, + gnutls_free_function free_func) { str->data = NULL; str->max_length = 0; diff --git a/lib/gnutls_str.h b/lib/gnutls_str.h index de2f31c614..5b5c8f1039 100644 --- a/lib/gnutls_str.h +++ b/lib/gnutls_str.h @@ -11,12 +11,12 @@ typedef struct { opaque * data; size_t max_length; size_t length; - REALLOC_FUNC realloc_func; - ALLOC_FUNC alloc_func; - FREE_FUNC free_func; + gnutls_realloc_function realloc_func; + gnutls_alloc_function alloc_func; + gnutls_free_function free_func; } gnutls_string; -void _gnutls_string_init( gnutls_string*, ALLOC_FUNC, REALLOC_FUNC, FREE_FUNC); +void _gnutls_string_init( gnutls_string*, gnutls_alloc_function, gnutls_realloc_function, gnutls_free_function); void _gnutls_string_clear( gnutls_string*); /* Beware, do not clear the string, after calling this diff --git a/libextra/auth_srp_passwd.c b/libextra/auth_srp_passwd.c index a032b176fa..fd5a6d3a1c 100644 --- a/libextra/auth_srp_passwd.c +++ b/libextra/auth_srp_passwd.c @@ -243,7 +243,6 @@ SRP_PWD_ENTRY *_gnutls_srp_pwd_read_entry( gnutls_session state, char* username, if (cred->pwd_callback != NULL) { ret = cred->pwd_callback( state, username, &entry->salt, &entry->v, &entry->g, &entry->n); - entry->malloced = 1; if (ret < 0) { gnutls_assert(); 
@@ -359,17 +358,10 @@ SRP_PWD_ENTRY* _gnutls_randomize_pwd_entry() { } void _gnutls_srp_entry_free( SRP_PWD_ENTRY * entry) { - if (entry->malloced) { - free( entry->v.data); entry->v.data = NULL; - free( entry->g.data); entry->g.data = NULL; - free( entry->n.data); entry->n.data = NULL; - free( entry->salt.data); entry->salt.data = NULL; - } else { - _gnutls_free_datum(&entry->v); - _gnutls_free_datum(&entry->g); - _gnutls_free_datum(&entry->n); - _gnutls_free_datum(&entry->salt); - } + _gnutls_free_datum(&entry->v); + _gnutls_free_datum(&entry->g); + _gnutls_free_datum(&entry->n); + _gnutls_free_datum(&entry->salt); gnutls_free(entry->username); gnutls_free(entry); diff --git a/libextra/auth_srp_passwd.h b/libextra/auth_srp_passwd.h index 2171adb782..14b17c36f9 100644 --- a/libextra/auth_srp_passwd.h +++ b/libextra/auth_srp_passwd.h @@ -7,10 +7,6 @@ typedef struct { gnutls_datum v; gnutls_datum g; gnutls_datum n; - - int malloced; /* if non zero, use free() instead of gnutls_free() - */ - } SRP_PWD_ENTRY; /* this is localy alocated. It should be freed using the provided function */ diff --git a/libextra/gnutls_srp.c b/libextra/gnutls_srp.c index 2279a28f7a..f58733a698 100644 --- a/libextra/gnutls_srp.c +++ b/libextra/gnutls_srp.c @@ -514,7 +514,7 @@ void gnutls_srp_server_set_select_function(gnutls_session session, * 'username' contains the actual username. * * The 'salt', 'verifier', 'generator' and 'prime' must be filled - * in (using malloc). + * in using the malloc returned by gnutls_get_malloc_function(). * * In case the callback returned a negative number then gnutls will * assume that the username does not exist. @@ -119,9 +119,6 @@ void init_global_tls_stuff(void); #define DEFAULT_PGP_CERTFILE "openpgp/cli_pub.asc" #define DEFAULT_PGP_KEYRING "openpgp/cli_ring.gpg" -#define DEFAULT_SRP_USERNAME "test" -#define DEFAULT_SRP_PASSWD "test" - /* initializes a gnutls_session with some defaults. */ static gnutls_session init_tls_session( const char* hostname) 
@@ -428,13 +425,9 @@ void gaa_parser(int argc, char **argv) if (info.srp_passwd != NULL) srp_passwd = info.srp_passwd; - else - srp_passwd = DEFAULT_SRP_PASSWD; if (info.srp_username != NULL) srp_username = info.srp_username; - else - srp_username = DEFAULT_SRP_USERNAME; #else srp_username = info.srp_username; srp_passwd = info.srp_passwd; @@ -653,7 +646,10 @@ int ret; if (gnutls_srp_allocate_client_credentials(&cred) < 0) { fprintf(stderr, "SRP authentication error\n"); } - gnutls_srp_set_client_credentials(cred, srp_username, srp_passwd); + + if ((ret=gnutls_srp_set_client_credentials(cred, srp_username, srp_passwd)) < 0) { + fprintf(stderr, "SRP credentials set error [%d]\n", ret); + } } /* ANON stuff */ diff --git a/src/serv.c b/src/serv.c index 0590777239..161c620bd4 100644 --- a/src/serv.c +++ b/src/serv.c @@ -42,6 +42,59 @@ #include <config.h> #include <list.h> +#define ENA 1 +#if ENA + +#include <opencdk.h> + + +int +recv_openpgp_key(gnutls_session session, const unsigned char *keyfpr, + unsigned int keyfpr_length, gnutls_datum * key) +{ +static const char *hostname = "hkp://wwwkeys.pgp.net"; +static const short port = 11371; + int rc; + CDK_KBNODE knode = NULL; + + /* The key fingerprint should be 20 bytes + * in v4 keys. + */ + if (keyfpr_length != 20) + return -1; + + rc = cdk_keyserver_recv_key( hostname, port, keyfpr, + CDK_DBSEARCH_FPR, &knode ); + + if( !rc ) { + size_t len; + + cdk_kbnode_write_to_mem( knode, NULL, &len); + + key->data = malloc( len); + if (key->data==NULL) { + rc = -1; + goto finish; + } + + cdk_kbnode_write_to_mem( knode, key->data, &len); + + rc = 0; /* success */ + + } else { + rc = -1; + } + + finish: + + cdk_kbnode_release( knode ); + return rc; + +} + + +#endif + /* konqueror cannot handle sending the page in multiple * pieces. */ 
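Review bot: The new check on gnutls_srp_set_client_credentials() in the `@@ -653,7 +646,10 @@` hunk of src/cli.c only prints a message and carries on. The existing check on gnutls_srp_allocate_client_credentials() just above it does the same, so a failed allocation still reaches the set call with `cred` unset. With the `"test"`/`"test"` defaults removed by the earlier hunks, `srp_username` and `srp_passwd` can also arrive here as NULL unless a guard outside the hunk prevents it. Both branches should stop SRP setup on failure, for example `exit(1);` after each `fprintf`, and the block should be skipped when either string is NULL.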
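Review bot: recv_openpgp_key() in src/serv.c allocates the key buffer with plain `malloc( len)`, which is what this commit tells callbacks to stop doing, and it never sets `key->size`, so the library receives a datum with no trustworthy length. `len` is also read uninitialised if the sizing call to cdk_kbnode_write_to_mem() fails, because neither call's return value is checked. The version below takes the allocator from gnutls_global_get_malloc_function(), checks both calls and fills in the size. It assumes the opencdk call returns 0 on success like cdk_keyserver_recv_key() (to be confirmed), and that the getters return the function pointer by value with the free getter typed as `gnutls_free_function`.

```c
    if( !rc ) {
        size_t len = 0;
        gnutls_alloc_function alloc_fn = gnutls_global_get_malloc_function();
        gnutls_free_function free_fn = gnutls_global_get_free_function();

        /* sizing pass: a failure here must not leave len undefined */
        if (cdk_kbnode_write_to_mem( knode, NULL, &len) != 0 || len == 0) {
            rc = -1;
            goto finish;
        }

        /* the library releases this buffer with its own free function */
        key->data = alloc_fn( len);
        if (key->data==NULL) {
            rc = -1;
            goto finish;
        }

        if (cdk_kbnode_write_to_mem( knode, key->data, &len) != 0) {
            free_fn( key->data);
            key->data = NULL;
            rc = -1;
            goto finish;
        }

        key->size = len;
        rc = 0; /* success */

    } else {
        rc = -1;
    }
    /* … unchanged: finish label, cdk_kbnode_release, return … */
```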
@@ -255,6 +308,10 @@ gnutls_session initialize_session (void) */ gnutls_handshake_set_private_extensions( session, 1); +#if ENA +gnutls_openpgp_set_recv_key_function( session, recv_openpgp_key); +#endif + if (nodb==0) { gnutls_db_set_retrieve_function( session, wrap_db_fetch); gnutls_db_set_remove_function( session, wrap_db_delete); @@ -591,7 +648,6 @@ int main(int argc, char **argv) fprintf(stderr, "Error while setting SRP parameters\n"); } - gnutls_anon_allocate_server_credentials(&dh_cred); if (generate != 0) gnutls_anon_set_server_dh_params(dh_cred, dh_params); |
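Review bot: Because `ENA` is hard-coded to 1 earlier in src/serv.c, this registration makes every server session perform a keyserver lookup against a fixed host for a fingerprint the peer supplies, with no run-time switch to turn it off. Consider gating `gnutls_openpgp_set_recv_key_function( session, recv_openpgp_key);` on a command-line option, and the `#include <opencdk.h>` on a configure check, so builds without opencdk still compile. A comment should also note that the callback itself does not compare the fetched key with `keyfpr`, so that check has to happen elsewhere. initialize_session() starts and ends outside the hunk.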